Sunday, March 30, 2014

Overview

I recently wrote a new UI plugin in oVirt, that allows creating a VM that will run a Docker container inside it. This post shares the information about it, explains how to use it and what are the prerequisites.

What is it good for?

Well, Docker gives a very cool wrapping on top of linux containers. In addition, it also gives a public repository people can use! That makes it very easy to both create and consume container images that give different services, such as application servers, databases and many other services. Using the UI plugin to run that inside oVirt makes the job of deploying an existent service as easy as clicking a button (well... some steps are required first, but not too much steps :-) ).

Setting it up

In order to use the UI plugin you first need to fetch it from the samples-uiplugins git repository. The git repository is in git://gerrit.ovirt.org/samples-uiplugins. The plugin is currently being reviewed, so it is available at Docker-Plugin-Patch. Copy the plugin files to /usr/share/ovirt-engine/ui-plugins, so that you'll have the following directory structure:

docker.json

docker-resources/

docker-resources/plugin.html

docker-resources/icon_help.png

docker-resources/launch-docker-dialog.html

docker-resources/progress.gif

Then, you need to configure it. I usually do that using the docker.json file, although you can create a user-specific file as well.
The relevant entries to configure are:

allowedOrigins - that entry is used in order to pass messages between the UI plugin infrastructure and the plugin itself. I'll make it simple and just say you need to put the engine URL there, at the same way you access it with your browser (http://engine-server:port, or https://engine-server:port)

dockerImages - Images you wish to be able to run. It can be either just an image name, or something more specific like user/image:label

Using the plugin

How does it work?

The UI plugin that allows the user to create a new oVirt VM, that runs a selected docker image running a specified command

It uses the cloud-init integration in order to pass the docker commands to the guest

docker image is downloaded from the public registry to the VM on first launch

Prerequisites

The plugin is based on creating a new oVirt VM from a template, passing cloud-init arguments that will configure and run the docker container.
Thus, in order to use it you need to have a Fedora image with docker service (with -r option to make containers start also after VM), cloud-init, and ovirt-guest-agent

It works only in cluster level 3.4 and above, as it requires persisting the cloud-init properties

Make sure the template you create have enough storage, as it might be required when downloading docker images. If you're interested in specific images then I recommend to pull them to the VM you create the template from, that way they'll be available, and won't require downloading the image when starting the container.

Plugin in action

1. You first login to the oVirt admin portal, and go the the VM main tab:

2. There you'll see the "Create Docker VM" button.
3. Press on it, and you'll see the following dialog:

4. Fill in the details:

Choose a DC

Choose a Cluster

Choose a Template that follows the prerequisites above

Fill in other VM properties

Fill in the Docker details (image, port mapping, and command). The command is mandatory only in case the image doesn't have an ENTRYPOINT.

Fill in the cloud-init details (I've decided to put only host name and SSH key, for the sake of simplicity).

5. Press OK

The VM is being created now. Once finished you can run it.
After a few minutes, the IP address of it will appear in the admin portal, so you can either connect to it via SSH if you want (using the public SSH key you've passed), or just use the service it is supplying. In the screenshot I've created a Jboss instance, so I can just see that browsing results in a Test Page. Here is a screenshot showing the IP address:

And here is the result of browsing to this VM (we have mapped port 80 of the container to port 80 of the VM):

Pre-defined image in glance.ovirt.org

In order to ease the process of using this UI plugin, I've created an image you can import from the public oVirt Glance repository, "CentOS 6.5 64-Bit Docker".You can import it using the guide available in my previous post (Importing Glance images as oVirt templates). It is based on the CentOS 6.5 cloud image. Make sure to create a virtual NIC in the template after importing, and also to set the relevant OS.

Note that I tested the plugin both using this template, and using a Fedora 19 template, installed from scratch. Using the Fedora 19 cloud image didn't work well for me, as the docker container got stuck on startup.

Monday, March 3, 2014

Overview

In oVirt 3.4 we extended the integration with Glance, allowing to import Glance images of type QCOW2 or RAW as oVirt templates.
When importing an image you can do one of the following:

Import the image as a disk - useful when you want to take an image and attach it to a VM

Import the image as a template - useful when you would like to take existing image from Glance and use that in order to create several VMs

We also added a public Glance repository to be used by oVirt deployments. A reference to this repository is automatically added in 3.4, so you'll see it in the UI by default, under the name "ovirt-image-repository". You can either use it, or add your own Glance provider, using the steps outlined below.
The public repository currently contains a small amount of images, but we hope to add more images in the near future.

Setting it up

In this section I assume you already have an active Data-Center and Cluster. The DC level should be 3.4 and above for the import and VM creation to work.
Using Glance from within oVirt is pretty easy. If you plan to use the public repository, then all you have to do is:

Go to the Storage main tab

Storage Main Tab

Select the "ovirt-image-repository" domain

In the images sub-tab you'll see a list of available images

Select an image

Selecting an Image

Press Import

Select Data-Center, Storage domain and Quota (I'm not using Quota so it is disabled)

Check the "import as template" checkbox

Select a Cluster

Press OK

Import Image Dialog

Then you'll see that there is a new task running:

Task Progress

Once finished, a new template was created, with default configuration, name that starts with "GlanceTemplate", and description that contains the original image name:

Template Main Tab

You can rename it, and change different properties in it, and then use it as any other template, in order to create new VMs. Before use you should also change the OS type of the template, according to the selected image. The OS type determines whether you can use cloud-init on the VM or not.
The current images are cloud-images, so you'll need to use the integration with cloud-init in order to be able to login/connect to the VM. In order to do that you need to change the OS type of the template, and in case of linux based OS you'll have the option to use cloud-init when adding VMs.

Adding your own Glance provider

In the steps above I used the public Glance repository, which exists by default in 3.4 deployments.
You can also add a reference to your own Glance instance. If your instance doesn't allow anonymous read-only access, then you also have to configure the Keystone details in the oVirt engine, so let's do that first:

Open a shell in the server where the engine is installed

Enter the command:

Restart the oVirt engine

In the Tree on the list, select the External Providers branch

Provider Main Tab

Press Add

Fill in the details

If your provider requires authentication then select "requires authentication", and fill in the relevant credentials

Press Test-Connection to check that the provided details are correct

Press OK

Provider Details

Now go the the storage main tab, there you'll see your new domain, and follow the steps from the same steps outlined above in order to import glance images.

Important notes:

As I wrote earlier, we only supports RAW and QCOW2 images

We currently don't support SSL communication with Glance

The import of these templates and the usage of them is only supported on DC Level 3.4 and above

The Fedora and CentOS images that exist in the public repo are cloud-images, and designed to be initialized using cloud-init. For more information about cloud-init integration in oVirt have a look at Cloud-Init integration and Persistent VM init data

As stated above, import as a template work only on Data-Centers with compatibility level that's 3.4 and above. Currently we also allow that on 3.3, but that's a bug, as the template will be created, but you won't be able to create VMs from it. This will be addressed in 3.4.1.

About Me

Senior Software Engineer for Red-Hat.Have an M.Sc. degree in Computer Science.In the Computer industry for 10 years.In the last few years I worked mostly on the oVirt project, and related ones, focusing mostly Virtualization and Cloud environments.